Bug 153070

Summary: [iOS Simulator WK1] ASSERT loading Blink layout test imported/web-platform-tests/mediacapture-streams/stream-api/mediastream/mediastream-idl.html
Product: WebKit Reporter: Jiewen Tan <jiewen_tan>
Component: MediaAssignee: Eric Carlson <eric.carlson>
Status: RESOLVED FIXED    
Severity: Normal CC: aestes, commit-queue, ddkilzer, eric.carlson, jiewen_tan, joepeck, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
crashing testcase
none
Proposed patch. none

Jiewen Tan
Reported 2016-01-13 10:36:41 PST
Created attachment 268878 [details] crashing testcase The test case will fail on Mac WK1 and crash on iOS-simulator WK1. Crashed Thread: 3 WebThread Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef Exception Note: EXC_CORPSE_NOTIFY VM Regions Near 0xbbadbeef: --> __TEXT 000000010d87e000-000000010d908000 [ 552K] r-x/rwx SM=COW /Users/USER/Library/Developer/CoreSimulator/Devices/491C435D-8C4D-4379-B905-BC329B464D0B/data/Containers/Bundle/Application/046F0D29-59B8-4C57-A14D-2C3AB962F1DB/DumpRenderTree0.app/DumpRenderTree Application Specific Information: CRASHING TEST: 150195/mediastream-idl.html CoreSimulator 201.3 - Device: iPhone 5s WebKit Tester0 - Runtime: iOS 9.2 (13D11) - DeviceType: iPhone 5s Thread 0:: Dispatch queue: com.apple.main-thread 0 libsystem_kernel.dylib 0x000000011e2e7386 mach_msg_trap + 10 1 libsystem_kernel.dylib 0x000000011e2e67c7 mach_msg + 55 2 com.apple.CoreFoundation 0x000000010e391b64 __CFRunLoopServiceMachPort + 212 3 com.apple.CoreFoundation 0x000000010e390fbf __CFRunLoopRun + 1295 4 com.apple.CoreFoundation 0x000000010e390828 CFRunLoopRunSpecific + 488 5 DumpRenderTree 0x000000010d8917a2 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) + 6498 (DumpRenderTree.mm:2039) 6 DumpRenderTree 0x000000010d88fdd3 runTestingServerLoop() + 323 (DumpRenderTree.mm:1189) 7 DumpRenderTree 0x000000010d88f557 dumpRenderTree(int, char const**) + 823 (DumpRenderTree.mm:1298) 8 DumpRenderTree 0x000000010d892092 -[DumpRenderTree _runDumpRenderTree] + 34 (DumpRenderTree.mm:1337) 9 com.apple.Foundation 0x000000010ea7c067 __NSThreadPerformPerform + 283 10 com.apple.CoreFoundation 0x000000010e39ba31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 11 com.apple.CoreFoundation 0x000000010e3918d7 __CFRunLoopDoSources0 + 423 12 com.apple.CoreFoundation 0x000000010e390e13 __CFRunLoopRun + 867 13 com.apple.CoreFoundation 0x000000010e390828 CFRunLoopRunSpecific + 488 14 com.apple.GraphicsServices 0x000000010ee9bad2 GSEventRunModal + 161 15 com.apple.UIKit 0x000000010f439610 UIApplicationMain + 171 16 DumpRenderTree 0x000000010d8928f9 DumpRenderTreeMain(int, char const**) + 137 (DumpRenderTree.mm:1433) 17 DumpRenderTree 0x000000010d8e2032 main + 34 (DumpRenderTreeAppMain.mm:32) 18 libdyld.dylib 0x000000011dfad92d start + 1 Thread 1:: Dispatch queue: com.apple.libdispatch-manager 0 libsystem_kernel.dylib 0x000000011e2edfde kevent64 + 10 1 libdispatch.dylib 0x000000011df6e8c0 _dispatch_mgr_invoke + 260 2 libdispatch.dylib 0x000000011df6e65a _dispatch_mgr_thread + 54 Thread 2: 0 libsystem_kernel.dylib 0x000000011e2ed206 __semwait_signal + 10 1 libsystem_c.dylib 0x000000011e074cab nanosleep + 199 2 libc++.1.dylib 0x000000011db12100 std::__1::this_thread::sleep_for(std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000000000l> > const&) + 75 3 JavaScriptCore 0x0000000119543bd6 void std::__1::this_thread::sleep_for<long long, std::__1::ratio<1l, 1000l> >(std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> > const&) + 1782 (thread:433) 4 JavaScriptCore 0x0000000119540753 bmalloc::sleep(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >) + 195 (StaticMutex.h:65) 5 JavaScriptCore 0x00000001195404ad bmalloc::waitUntilFalse(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >, bool&) + 61 (StaticMutex.h:72) 6 JavaScriptCore 0x0000000119540409 bmalloc::Heap::scavenge(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >) + 73 (Heap.cpp:92) 7 JavaScriptCore 0x000000011953fe98 bmalloc::Heap::concurrentScavenge() + 104 (Heap.cpp:85) 8 JavaScriptCore 0x0000000119545a32 bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>::threadRunLoop() + 1298 (AsyncTask.h:145) 9 JavaScriptCore 0x00000001195454e5 bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>::threadEntryPoint(bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*) + 21 (AsyncTask.h:128) 10 JavaScriptCore 0x0000000119547772 void* std::__1::__thread_proxy<std::__1::tuple<void (*)(bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*), bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*> >(void*) + 418 (__functional_base:415) 11 libsystem_pthread.dylib 0x000000011e2b1c13 _pthread_body + 131 12 libsystem_pthread.dylib 0x000000011e2b1b90 _pthread_start + 168 13 libsystem_pthread.dylib 0x000000011e2af375 thread_start + 13 Thread 3 Crashed:: WebThread 0 JavaScriptCore 0x00000001194c1f77 WTFCrash + 39 (Assertions.cpp:321) 1 JavaScriptCore 0x000000011950a679 WTF::RunLoop::main() + 57 (RunLoop.cpp:65) 2 com.apple.WebCore 0x000000011212892d WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource() + 397 (MockRealtimeVideoSource.cpp:60) 3 com.apple.WebCore 0x000000011212c32c WebCore::MockRealtimeVideoSourceMac::MockRealtimeVideoSourceMac() + 28 (MockRealtimeVideoSourceMac.mm:54) 4 com.apple.WebCore 0x000000011212c305 WebCore::MockRealtimeVideoSourceMac::MockRealtimeVideoSourceMac() + 21 (MockRealtimeVideoSourceMac.mm:55) 5 com.apple.WebCore 0x000000011212c278 WebCore::MockRealtimeVideoSource::create() + 56 (MockRealtimeVideoSourceMac.mm:49) 6 com.apple.WebCore 0x0000000112124dbc WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints(WebCore::MediaStreamCreationClient*, WTF::RefPtr<WebCore::MediaConstraints>&, WTF::RefPtr<WebCore::MediaConstraints>&) + 428 (MockRealtimeMediaSourceCenter.cpp:95) 7 com.apple.WebCore 0x0000000112bba262 WebCore::UserMediaRequest::start() + 82 (UserMediaRequest.cpp:121) 8 com.apple.WebCore 0x0000000112bba08d WebCore::UserMediaRequest::start(WebCore::Document*, WebCore::Dictionary const&, WebCore::DOMPromise<WTF::RefPtr<WebCore::MediaStream>, WTF::RefPtr<WebCore::NavigatorUserMediaError> >&&, int&) + 557 (UserMediaRequest.cpp:92) 9 com.apple.WebCore 0x0000000111fcc04a WebCore::MediaDevices::getUserMedia(WebCore::Dictionary const&, WebCore::DOMPromise<WTF::RefPtr<WebCore::MediaStream>, WTF::RefPtr<WebCore::NavigatorUserMediaError> >&&, int&) const + 74 (MediaDevices.cpp:69) 10 com.apple.WebCore 0x0000000111b71328 WebCore::jsMediaDevicesPrototypeFunctionGetUserMediaFromJSPromise(JSC::ExecState*, JSC::JSPromiseDeferred*) + 712 (JSMediaDevices.cpp:167) 11 com.apple.WebCore 0x0000000111865977 WebCore::callPromiseFunction(JSC::ExecState&, long long (*)(JSC::ExecState*, JSC::JSPromiseDeferred*)) + 71 (JSDOMPromise.h:65) 12 com.apple.WebCore 0x0000000111b70cbc WebCore::jsMediaDevicesPrototypeFunctionGetUserMediaFromJS(JSC::ExecState*) + 28 (JSMediaDevices.cpp:150) 13 ??? 0x0000039f740ee028 0 + 3983381815336 14 JavaScriptCore 0x00000001191fbd33 llint_entry + 26847 15 JavaScriptCore 0x00000001191fbd33 llint_entry + 26847 16 JavaScriptCore 0x00000001191fc17b llint_entry + 27943 17 JavaScriptCore 0x00000001191fbd33 llint_entry + 26847 18 JavaScriptCore 0x00000001191f523e vmEntryToJavaScript + 334 19 JavaScriptCore 0x000000011902c9d5 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 213 (JITCode.cpp:80) 20 JavaScriptCore 0x0000000118ff7a07 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 4471 (Interpreter.cpp:973) 21 JavaScriptCore 0x0000000118b23a11 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 465 (Completion.cpp:105) 22 com.apple.WebCore 0x0000000111b669f5 WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 69 (JSMainThreadExecState.h:62) 23 com.apple.WebCore 0x00000001126ac7f1 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) + 321 (ScriptController.cpp:164) 24 com.apple.WebCore 0x00000001126ac94c WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&, WebCore::ExceptionDetails*) + 76 (ScriptController.cpp:180) 25 com.apple.WebCore 0x00000001126bb485 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 485 (ScriptElement.cpp:310) 26 com.apple.WebCore 0x00000001126ba373 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1731 (ScriptElement.cpp:241) 27 com.apple.WebCore 0x0000000111529c50 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 352 (HTMLScriptRunner.cpp:304) 28 com.apple.WebCore 0x0000000111529a69 WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) + 137 (HTMLScriptRunner.cpp:177) 29 com.apple.WebCore 0x00000001114598c0 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 288 (HTMLDocumentParser.cpp:195) 30 com.apple.WebCore 0x00000001114599c1 WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 177 (HTMLDocumentParser.cpp:214) 31 com.apple.WebCore 0x0000000111458d51 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 385 (HTMLDocumentParser.cpp:252) 32 com.apple.WebCore 0x0000000111458999 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) + 169 (HTMLDocumentParser.cpp:167) 33 com.apple.WebCore 0x000000011145a9d6 WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() + 374 (HTMLDocumentParser.cpp:488) 34 com.apple.WebCore 0x000000011145adda WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 314 (HTMLDocumentParser.cpp:528) 35 com.apple.WebCore 0x000000011145ae1f non-virtual thunk to WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 47 (HTMLDocumentParser.cpp:512) 36 com.apple.WebCore 0x0000000110b8fa42 WebCore::CachedResource::checkNotify() + 130 (CachedResource.cpp:295) 37 com.apple.WebCore 0x0000000110b8fb51 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) + 49 (CachedResource.cpp:313) 38 com.apple.WebCore 0x0000000110bae31e WebCore::CachedScript::finishLoading(WebCore::SharedBuffer*) + 126 (CachedScript.cpp:117) 39 com.apple.WebCore 0x00000001128fb655 WebCore::SubresourceLoader::didFinishLoading(double) + 517 (SubresourceLoader.cpp:374) 40 com.apple.WebCore 0x0000000112629f65 WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double) + 53 (ResourceLoader.cpp:638) 41 com.apple.WebCore 0x0000000112a5df4c WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didFinishLoading() + 236 (SynchronousResourceHandleCFURLConnectionDelegate.cpp:208) 42 com.apple.WebCore 0x00000001126240cd WebCore::ResourceHandleCFURLConnectionDelegate::didFinishLoadingCallback(_CFURLConnection*, void const*) + 29 (ResourceHandleCFURLConnectionDelegate.cpp:88) 43 com.apple.CFNetwork 0x000000010df02fbe ___ZN27URLConnectionClient_Classic26_delegate_didFinishLoadingEU13block_pointerFvvE_block_invoke + 104 44 com.apple.CFNetwork 0x000000010dff0965 ___ZN27URLConnectionClient_Classic18_withDelegateAsyncEPKcU13block_pointerFvP16_CFURLConnectionPK33CFURLConnectionClientCurrent_VMaxE_block_invoke_2 + 100 45 libdispatch.dylib 0x000000011df7e4a7 _dispatch_client_callout + 8 46 libdispatch.dylib 0x000000011df65223 _dispatch_block_invoke + 408 47 com.apple.CFNetwork 0x000000010deef1ac RunloopBlockContext::_invoke_block(void const*, void*) + 24 48 com.apple.CoreFoundation 0x000000010e36eee4 CFArrayApplyFunction + 68 49 com.apple.CFNetwork 0x000000010deef0a5 RunloopBlockContext::perform() + 137 50 com.apple.CFNetwork 0x000000010deeef5e MultiplexerSource::perform() + 282 51 com.apple.CFNetwork 0x000000010deeed80 MultiplexerSource::_perform(void*) + 72 52 com.apple.CoreFoundation 0x000000010e39ba31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 53 com.apple.CoreFoundation 0x000000010e39195c __CFRunLoopDoSources0 + 556 54 com.apple.CoreFoundation 0x000000010e390e13 __CFRunLoopRun + 867 55 com.apple.CoreFoundation 0x000000010e390828 CFRunLoopRunSpecific + 488 56 com.apple.WebCore 0x0000000112c3c790 RunWebThread(void*) + 752 (WebCoreThread.mm:691) 57 libsystem_pthread.dylib 0x000000011e2b1c13 _pthread_body + 131 58 libsystem_pthread.dylib 0x000000011e2b1b90 _pthread_start + 168 59 libsystem_pthread.dylib 0x000000011e2af375 thread_start + 13
Attachments
crashing testcase (24.14 KB, application/x-gzip)
2016-01-13 10:36 PST, Jiewen Tan 		no flags
Details
Proposed patch. (1.66 KB, patch)
2016-01-16 13:59 PST, Eric Carlson 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Jiewen Tan
Comment 1 2016-01-13 22:25:02 PST
<rdar://problem/24183105>
Eric Carlson
Comment 2 2016-01-14 08:38:05 PST
Assert happens when creating a runloop timer on the Web thread. Assert is: RunLoop& RunLoop::main() { ASSERT(s_mainRunLoop); return *s_mainRunLoop; } Is it not possible to use a runloop timer on the WebThread?
David Kilzer (:ddkilzer)
Comment 3 2016-01-14 11:28:49 PST
(In reply to comment #2) > Assert happens when creating a runloop timer on the Web thread. Assert is: > > RunLoop& RunLoop::main() > { > ASSERT(s_mainRunLoop); > return *s_mainRunLoop; > } > > Is it not possible to use a runloop timer on the WebThread? I think it is possible, but there may be a "special" way to do it. (And I remember their being caveats, but not exactly what they were.) This is stating the obvious (probably not helpful), but you want to use a WebThread runloop, not a main thread runloop, if you're going to spin it on the WebThread.
Eric Carlson
Comment 4 2016-01-14 14:14:30 PST
(In reply to comment #3) > (In reply to comment #2) > > Assert happens when creating a runloop timer on the Web thread. Assert is: > > > > RunLoop& RunLoop::main() > > { > > ASSERT(s_mainRunLoop); > > return *s_mainRunLoop; > > } > > > > Is it not possible to use a runloop timer on the WebThread? > > I think it is possible, but there may be a "special" way to do it. (And I > remember their being caveats, but not exactly what they were.) > > This is stating the obvious (probably not helpful), but you want to use a > WebThread runloop, not a main thread runloop, if you're going to spin it on > the WebThread. Of course, I should be passing "RunLoop::current()" instead of "RunLoop::main()" to the timer constructor.
Eric Carlson
Comment 5 2016-01-16 13:59:11 PST
Created attachment 269179 [details] Proposed patch.
Darin Adler
Comment 6 2016-01-18 18:40:57 PST
Comment on attachment 269179 [details] Proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=269179&action=review > Source/WebCore/ChangeLog:13 > + (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Create the timer with RunLoop::current > + instead of RunLoop::main. Why?
WebKit Commit Bot
Comment 7 2016-01-18 19:28:37 PST
Comment on attachment 269179 [details] Proposed patch. Clearing flags on attachment: 269179 Committed r195244: <http://trac.webkit.org/changeset/195244>
WebKit Commit Bot
Comment 8 2016-01-18 19:28:41 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.